China Spying on US Veterans, Active Service Members...

China is spying on U.S. veterans and military service members through a breach of the largest veterans’ organization. The attack was uncovered by security researchers at FireEye, who have dubbed it “Operation SnowMan” due to its strategic timing when government workers may be distracted by winter storms and a national holiday.

The attack attempted to target anyone who visited the Veterans of Foreign Wars (VFW) website. The congressionally chartered organization, which has close to 2 million members, advocates for military benefits and assists veterans with disability claims to the Department of Veterans Affairs.

It allowed Chinese hackers to monitor and gain control over users’ computers by quietly installing a Remote Access Trojan (RAT).

“A possible objective in the ‘SnowMan’ attack is targeting military service members to steal military intelligence,” states a blog post by FireEye describing the attack, noting “In addition to retirees, active military personnel use the VFW website.”

It notes that the attack coincides with Presidents Day, “and much of the U.S. Capitol shut down Thursday amid a severe winter storm.”

In the attack, Chinese hackers injected the VFW website with infected code that loaded their own code in the background any time someone visited the site. If someone accessed the site while using Internet Explorer 10 with Adobe Flash running, the malicious code on the site would then infect the user’s computer. If the computer was otherwise configured, it would not be infected.

At press time, Epoch Times was unable to reach anyone at VFW to verify whether it had removed the infected code on its website.